CVE-2023-31188

Vulnerability

CVE-2023-31188 is an OS command injection vulnerability (CWE-78) affecting multiple TP-LINK Archer routers. The affected products and firmware versions are: Archer C50 firmware prior to 'Archer C50(JP)_V3_230505', Archer C55 firmware prior to 'Archer C55(JP)_V1_230506', and Archer C20 firmware prior to 'Archer C20(JP)_V1_230616' [4]. The vulnerability exists in an unspecified input field or function that does not properly sanitize user-supplied data, allowing injection of arbitrary OS commands.

Exploitation

An attacker must be on the same network as the target router (network-adjacent) and possess valid authentication credentials (e.g., administrator username/password) [4]. With authenticated access, the attacker can craft a malicious request containing OS commands and send it to a vulnerable endpoint. The vulnerability is reachable without user interaction beyond the attacker's own actions.

Impact

Successful exploitation allows the attacker to execute arbitrary OS commands on the router with the privileges of the web server process, likely leading to full compromise of the device (e.g., information disclosure, configuration modification, denial of service, or use as a pivot point in the network) [4]. The impact is limited to the router itself.

Mitigation

Update to the fixed firmware versions: Archer C50(JP)_V3_230505, Archer C55(JP)_V1_230506, or Archer C20(JP)_V1_230616, as applicable [1][2][3][4]. No workarounds are documented; affected users should apply the official firmware updates from the TP-Link download pages [1][2][3].